Fastly Study Shows Large Amount Of Aussie IT Companies Are Operating Under Threat Of Cyber Attack
Fastly, Inc., a global edge cloud platform provider, today released new research in partnership with Ecosystm that shows 75 percent of Australian businesses are now living with a vastly increased attack surface caused by their reliance on web-based applications.
Large attack surfaces are routinely sought out and tested by attackers looking for less-protected entry points into corporate IT environments.
According to the survey, organisations in Australia moved en masse to more decentralised IT architectures over the past two years, but still struggle with some of the cybersecurity implications of these kinds of digital- and cloud-first operating models. Cloud, web applications and the APIs that enable these apps to integrate and exchange data rate highly in the risk and challenge assessments by CIOs, IT directors and technology leaders of Australian organisations. API endpoints, cloud service provider authentication, and enterprise open source software are all seen to pose considerable risks as potential entry points for attackers.
Inadequate controls around these architectural elements, coupled with a lack of operational maturity and reliance on traditional defensive postures, has Australian business leaders on edge and fearful of attacks. The survey shows that 65 percent of large enterprises in Australia rate nation state attacks as a very high or high risk to their organisations. There is also concern among leaders of all business sizes over credential stuffing, which attackers may use to try to compromise cloud accounts and individual as-a-service logins.
The research also shows that:
- IT leaders expect to increase focus on the security of web applications in the next two years, but more likely in 2023. Digital has dominated IT strategies over the past two years, but operating securely in a majority or fully web- or cloud-based environment means living with elevated risk tolerances and discomfort for security teams.
- Application security often comes off second in the competition for attention and funding. Over half (53 percent) of IT leaders say they’re prioritising “other digital transformation projects” above application security in 2022, while 39 percent say “other business initiatives” – outside of IT – are taking priority, to the detriment of cybersecurity.
- More than 40 percent of leaders identify cloud misconfiguration as being still among their top five cybersecurity challenges. Despite the attention and focus this issue has received in the past couple of years, and the rise of low-code/no-code platforms and configurations, cloud environments remain complex, and errors or misunderstandings mean even experienced engineers can encounter cost overruns and/or unintended data exposure risks. This is higher for enterprises (41 percent) than for large (22 percent) and medium-sized (26 percent) organisations.
- The key challenge for managing application security initiatives is complexity. 55 percent of leaders say too many third parties are involved in end-to-end security of their applications, pointing to the new reality of operating in a cloud-, web- and API-driven world.
That is because a typical response by decision-makers to the increasing complexity of their technology environments is to deploy additional new security solutions. But that approach means nearly half of Australian companies have more than 50 cybersecurity tools, and are battling alert fatigue and high false positive rates as a result.
Organisations need a modern cybersecurity posture that enables them to anticipate threats before they happen, and respond instantly when attacks occur. They need security controls that are capable of automatically sensing, detecting, reacting, and responding to access requests, authentication needs, and outside and inside threats. Administration and application of these controls should also be automated to a high degree to improve coverage and consistency, and reduce the burden on Security Operations Centres (SOCs) and cybersecurity practitioners.
“As Australian companies move deeper into digital transformations, they come up against a known problem: the challenges of securing a rapidly rising number of mission-critical cloud services and API-centric applications,” said Derek Rast, area vice president Australia and New Zealand at Fastly. “The tools these companies use to secure their digital-first, cloud-first and microservices-based architectures need to evolve. Traditional web application and API security tools fall short in this regard. Leveraging Web Application Firewalls (WAFs) and Content Delivery Networks (CDNs) should be part of a holistic defense-in-depth security strategy.”
Illustrating perfectly the cyber maturity challenges faced by Australian companies is the lack of consistency in the operating parameters, powers and preparedness of cyber threat and incident response teams.
The research finds one in three cyber threat response teams lacks the support of key internal stakeholders, is unclear about escalation points for incident management, and doesn’t have the authority to confiscate or disconnect equipment and monitor suspicious activity, including from senior management.
In addition, when it comes to cyber threat response planning:
- Only 54 percent have a full plan that includes legal and corporate communications teams
- 50 percent rehearse the plan at least once a year, the other half practice less frequently or don’t practice at all
- 48 percent have a timeframe for additions and improvements for the plan, and hold senior leaders responsible for making the improvements
Enterprises are more likely than large or medium-sized organisations to have a multi-stakeholder plan that is well-rehearsed. However, they’re also more likely to be subjected to regulated requirements for incident planning and response. This is supported in the study by compliance being identified as a major cybersecurity challenge facing organisations.
Medium and large organisations are more likely than enterprises to be rethinking the way they deploy applications and business logic to end users and to be in active pursuit of that target state. The research shows 64 percent of medium-sized organisations and 56 percent of large organisations are embracing edge computing, moving business logic from application servers to an edge cache. By contrast, just 43 percent of enterprises are doing the same – 10 percent below the overall average.
Moving business logic from the backend to the edge not only increases application performance but can also substantially reduce an organisation’s risk, since user requests are funnelled through a single ‘front door’, instead of to any number of servers that host the application.
Please login with linkedin to comment
fastlyLatest News
Sydney Comedy Festival: Taking The City & Social Media By Storm
Sydney Comedy Festival 2024 is live and ready to rumble, showing the best of international and homegrown talent at a host of venues around town. As usual, it’s hot on the heels of its big sister, the giant that is the Melbourne International Comedy Festival, picking up some acts as they continue on their own […]
Global Marketers Descend For AANA’s RESET For Growth
The Australian Association of National Advertisers (AANA) has announced the final epic lineup of local and global marketing powerhouses for RESET for Growth 2024. Lead image: Josh Faulks, chief executive officer, AANA Back in 2000, a woman with no business experience opened her first juice bar in Adelaide. The idea was brilliantly simple: make healthy […]
Is Meta’s New AI Chatbot Too Left-Wing?
Meta's chatbot accused of being left-wing after being caught wearing a Che Guevara T-shirt & listening to Billy Bragg.
TV Ratings (23/04/2024): Why Did No One Tell Angela That Farmer Wants A Wife Is Set On A Farm?
As wonderful as this headline is, let's face it, we all know an 'Angela', don't we?
PubMatic Unveils New AI Partnership To Turn Social Posts Into Ads For Any Digital Channel
Here's some nifty tech for turning social posts into ads. Assuming said posts aren't one-star character assassinations.
Intuit Mailchimp Makes A Splash With Its First Australian Brand Campaign
Ever laugh along at a gag you didn't get so as not to appear dumb? Get ready for more feigning with this new work.
GumGum’s Rob Hall: Advertisers Can No Longer “Rely On Binary Descriptions” Of Consumers
If anyone's got their finger on adtech's pulse, it's Rob Hall. He also avoids using the good paper in the office printer
Mastercard Nabs Florencia Aimo From Marriott International
Marriott International's Florencia Aimo jumps from the hotel business to the exploitative credit card one.
Bastion Agency Appoints Cheuk Chiang As New ANZ CEO
Cheuk Chiang takes the reins over at Bastion Agency. But not the rains down in Africa.
Spotlight On Sponsors: Major Sponsorship Wins After A Disappointing Week In Sport
B&T continuing our deep dive into local sport sponsorships & that's despite not a single offer of a free ticket as yet.
Macca’s Marketing Director, Samantha McLeod On Big Mac Chant: “What Was Once Old Is Now Cool Again”
Macca's using the power of nostalgia in latest Big Mac campaign. Well, only for those who've ever eaten one sober.
World Premiere Of Midnight Oil: The Hardest Line To Open Sydney Film Festival 2024
Oil's biopic to open Sydney Film Festival. Here's hoping Molly Meldrum will take his pants down at the premiere.
Entries Are Now Open For The 2024 Brandies, IntelligenceBank’s Annual Brand Marketing Awards
The Brandies are, of course, a prestigious marketing gong and not the mystery tipple favoured by nannas everywhere.
The Fred Hollows Foundation Appoints Ardent For PR
Yes, we all like to have a joke at PR's expense. But sometimes it does important work, like this.
AI, eCommerce & Marketing Specialists Are In Increased Demand By Businesses, New Data From Fiverr Shows
Has your philosophy & anthropology degree left you with nothing but a huge HECS debt? Here's what you should've studied.
Perth’s First 3D Anamorphic Billboard Arrives Courtesy Of oOh!media
Do you love a buzzword? Now you can add anamorphic to the list as it relates to billboards, not a colleague's ears.
MasterChef Australia & Crown Resorts Launch Unique Dining Experience With ALUMNI
A pop-up restaurant staffed by MasterChef contestants! That's fine dining prices for first-year apprentice chef cuisine!
Amanda Laing Announces Resignation From Foxtel Group
Foxtel's chief commercial & content officer heads for the exits. Read nice things the bosses said about her right here.
The Lost Letters From Our Diggers: News Corp Unveils ANZAC Day Special
It's nice when brands respectfully acknowledge ANZAC Day.
Howatson+Company Acquires Akkomplice
Large indie acquires a slightly smaller indie. Much like a shark eating a tuna, just with less thrashing and blood.
Google Delays Third-Party Cookie Deprecation Again
In good news for the sale of picture library biscuit photos, Google continues to tease over the end of cookies.
Education A Low Priority For Aussies More Concerned With Cost Of Living Forethought Study Reveals
Study finds Aussies cutting back on education due to cost of living. Booze & Uber Eats sales remain largely unaffected.
“I’m Still The Same Person That I Was”: Rikki Stern Says “Fucc It” To Cancer Stereotypes
B&T always happy to promote the anti-cancer cause. Even brands that massively overdo it with the hot pink.
The Unapproved Climate Certification Allegedly Causing Mass Greenwashing
Are you left flummoxed in the canned tuna & free range eggs aisle? Just wait till this green certification gets up.
TV Ratings (22/04/2024): Fans Mock “Over The Top” Reaction To New MasterChef Judges
MasterChef returns for its 2024 season. B&T stands by putting peppercorns in Gravox & no one will be any the wiser.
Dentsu Restructure: Muddle, Harvey & Johnston Take Leadership Baton As Bass & Yurisich Exit
A large broom has swept through Dentsu's local ops this morning, taking with it some big names & the air con's cobwebs.
Industry Shares Trends Shaping The Industry This International Creators Day
B&T's asking adland creators to reveal their top trends. And it's not good news for your Jenny Kee cardigan collection.
Mable Extends HOYTS Sensory Screenings Partnership
Mable has extended its HOYTS sensory screening partnership. Vigorously defends its two-star Oppenheimer review.
Orphan Launches ‘They Need Our Help. We Need Yours’ For Children’s Cancer Institute
Anything to do with childhood cancers has B&T's 110% support. That said, we do ignore the red meat & alcohol warnings.
Smile Team Orthodontics & Keep Left Collaborate On Smile-Inducing Campaign
As parents would attest, given the cost of orthodontics you'd expect this campaign to be a lavish production indeed.
Opinion: How Video Calls Neglect Learning Diversity
Need an excuse to duck out of a video call this arvo? Show this to your boss.
DoubleVerify Achieves First-Of-Its-Kind Responsible AI Certification From TrustArc
DoubleVerify receives responsible AI certification. However, not its robotic vacuum that's been seen menacing the cat.
Smile For A Good Cause: The Social Media Campaign Giving Back To The Community
Are you known as the office Austin Powers? More for you teeth than shagability? Get snappy new fangs with this news.
Elon Musk Mocks Albo After ESafety Wins Court Injunction Against X
Albo's 2024 from hell continues - Rabbitohs in crisis, down in the polls and now feuding with world's richest man.
Real Estate Developer In Hot Water Over “Sexually Exploitative” OOH Campaign
Real estate agents again tops in the 'least trusted profession' polls, nudging used car salesmen & ad creatives.
Epsilon’s Shane Hanby: Post-Cookie Era Relies On “Teamwork” Between Brands, Marketers & Tech
This pro predicts more "teamwork" in a post-cookie era. Which spells bad news for the uncooperative or plain stubborn.